U.S. Bank is seeking a
Senior Information Security Risk and Compliance Consultant
with demonstrated competence and visionary leadership experience to contribute toward the success of our technology initiatives. The IS Risk and Compliance Consultant will lead and support various security initiatives to support GRC programs and services and the overall Security Compliance strategy and roadmap.
Lead/support security initiatives to support the information security GRC strategy & overall security.
Lead large and complex information security compliance related projects.
Provide subject matter expertise and drive enhancements for one or more security programs.
Manage and develop corporate information security policies.
Support information security policy compliance processes.
Provide Information Security subject matter expertise in various risk assessments.
Develop and maintain repeatable, documented processes to identify and collect risk conditions, facilitate remediation, and monitor remediation.
The ideal candidate will have a strong and well-rounded technical background; good understanding of IT governance; risk management concepts and industry accepted practices; and regulatory, legal and contractual requirements impacting financial institutions. Additionally we require the following qualifications:
• Bachelor's degree or equivalent work experience
• At least 10 Years’ experience in Information Technology
• 5-7 years of project management experience leading large scale compliance/remediation technology projects
• At least 7 years of experience with process, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting sensitive data.
• Proven ability to adapt to a fast growing and constantly changing environment Excellent verbal and written communication skills and the ability to act as the subject matter expert on matters related to Information Security and GRC
• Excellent analytical and decision-making skills
• Issue, problem and change management skills with the ability to prioritize and track, to the point of resolution, multiple issues
Additional desired skills and experience:
• Strong project management skills
• Use of predictive scheduling, focused on critical path delivery and escalation of issues/risks to ensure on time delivery of projects.
• Practical knowledge of how information security controls are implemented in complex financial services environments such as those at U.S. Bank.
• Knowledge and experience with industry best practices in the implementation of security controls
• Knowledge of U.S. Bank business-line activities and processes is a plus.
• Additional security-related certification, such as CISSP, CRISC, CGEIT, CISA
• Proven track record in negotiation and conflict resolution
• IT audit or security assessments experience
1st - Daytime